package dsf.eshop.user.shiro;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.stereotype.Component;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

@Slf4j
//@Component
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {

        String url = ((HttpServletRequest)request).getRequestURL().toString();
        String method = ((HttpServletRequest)request).getMethod();
        log.info(">>>>>>url {}", url);
        log.info(">>>>>>methon {}", method);
        if(((url.equals("http://localhost:8010/home/login") && method.equals("POST")))) {

            String captchaCode = (String) request.getParameter("captchaCode");
            String captchaCode1 = (String) ((HttpServletRequest) request).getSession().getAttribute("captchaCode");
            log.info("输入验证码{} 正确的验证码{}", captchaCode, captchaCode1);
            if(null ==captchaCode || !captchaCode.toLowerCase().equals(captchaCode1.toLowerCase())) {
                request.setAttribute("shiroLoginFailure", "kaptchaValidateFailed");
                log.error("wrong captchaCode");
                return true;
            }
        }

        return super.onAccessDenied(request, response, mappedValue);
    }
}
